One of our beloved user Andre Dierker, reported a vulnerability in Enpass for Android, where in some situations, Enpass on Android was being presented with a vulnerability where the last edited item was being saved inside the app sandbox in data.xml in plaintext. An attacker could exploit this vulnerability to access that particular item on a rooted device.
Affected versions: 5.4.6 to 5.5.2
Fix: Recent update to v5.5.3 fixes this issue.
What should be done?
Please update your copy of Enpass to latest 5.5.3.